Message-ID: <174786678048.1383760.1562421474540065349.stgit@frogsfrogsfrogs>
Date: Wed, 21 May 2025 15:42:14 -0700
From: "Darrick J. Wong" <djwong@...nel.org>
To: tytso@....edu
Cc: linux-ext4@...r.kernel.org
Subject: [PATCH 28/29] fuse2fs: propagate default ACLs to new children
From: Darrick J. Wong <djwong@...nel.org>
generic/319 points out that we don't propagate the default ACL from a directory into new children. Do that, since that's expected behavior.
Signed-off-by: "Darrick J. Wong" <djwong@...nel.org>
---
 misc/fuse2fs.c | 124 +++++++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 103 insertions(+), 21 deletions(-)
diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index 71e81992cc1819..a9f753c775db09 100644
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -866,6 +866,96 @@ static int op_readlink(const char *path, char *buf, size_t len)
 return ret;
 }
+static int __getxattr(struct fuse2fs *ff, ext2_ino_t ino, const char *name,
+ void **value, size_t *value_len)
+{
+ ext2_filsys fs = ff->fs;
+ struct ext2_xattr_handle *h;
+ errcode_t err;
+ int ret = 0;
+
+ err = ext2fs_xattrs_open(fs, ino, &h);
+ if (err)
+ return translate_error(fs, ino, err);
+
+ err = ext2fs_xattrs_read(h);
+ if (err) {
+ ret = translate_error(fs, ino, err);
+ goto out_close;
+ }
+
+ err = ext2fs_xattr_get(h, name, value, value_len);
+ if (err) {
+ ret = translate_error(fs, ino, err);
+ goto out_close;
+ }
+
+out_close:
+ err = ext2fs_xattrs_close(&h);
+ if (err && !ret)
+ ret = translate_error(fs, ino, err);
+ return ret;
+}
+
+static int __setxattr(struct fuse2fs *ff, ext2_ino_t ino, const char *name,
+ void *value, size_t valuelen)
+{
+ ext2_filsys fs = ff->fs;
+ struct ext2_xattr_handle *h;
+ errcode_t err;
+ int ret = 0;
+
+ err = ext2fs_xattrs_open(fs, ino, &h);
+ if (err)
+ return translate_error(fs, ino, err);
+
+ err = ext2fs_xattrs_read(h);
+ if (err) {
+ ret = translate_error(fs, ino, err);
+ goto out_close;
+ }
+
+ err = ext2fs_xattr_set(h, name, value, valuelen);
+ if (err) {
+ ret = translate_error(fs, ino, err);
+ goto out_close;
+ }
+
+out_close:
+ err = ext2fs_xattrs_close(&h);
+ if (err && !ret)
+ ret = translate_error(fs, ino, err);
+ return ret;
+}
+
+static int propagate_default_acls(struct fuse2fs *ff, ext2_ino_t parent,
+ ext2_ino_t child)
+{
+ void *def;
+ size_t deflen;
+ int ret;
+
+ if (!ff->acl)
+ return 0;
+
+ ret = __getxattr(ff, parent, XATTR_NAME_POSIX_ACL_DEFAULT, &def,
+ &deflen);
+ switch (ret) {
+ case -ENODATA:
+ case -ENOENT:
+ /* no default acl */
+ return 0;
+ case 0:
+ break;
+ default:
+ return ret;
+ }
+
+ ret = __setxattr(ff, child, XATTR_NAME_POSIX_ACL_DEFAULT, def, deflen);
+ ext2fs_free_mem(&def);
+ return ret;
+}
+
 static int op_mknod(const char *path, mode_t mode, dev_t dev)
 {
 struct fuse_context *ctxt = fuse_get_context();
@@ -989,6 +1079,9 @@ static int op_mknod(const char *path, mode_t mode, dev_t dev)
 ext2fs_inode_alloc_stats2(fs, child, 1, 0);
+ ret = propagate_default_acls(ff, parent, child);
+ if (ret)
+ goto out2;
 out2:
 pthread_mutex_unlock(&ff->bfl);
 out:
@@ -1130,6 +1223,10 @@ static int op_mkdir(const char *path, mode_t mode)
 goto out3;
 }
+ ret = propagate_default_acls(ff, parent, child);
+ if (ret)
+ goto out3;
+
 out3:
 ext2fs_free_mem(&block);
 out2:
@@ -2554,7 +2651,6 @@ static int op_getxattr(const char *path, const char *key, char *value,
 struct fuse_context *ctxt = fuse_get_context();
 struct fuse2fs *ff = (struct fuse2fs *)ctxt->private_data;
 ext2_filsys fs;
- struct ext2_xattr_handle *h;
 void *ptr;
 size_t plen;
 ext2_ino_t ino;
@@ -2583,23 +2679,9 @@ static int op_getxattr(const char *path, const char *key, char *value,
 if (ret)
 goto out;
- err = ext2fs_xattrs_open(fs, ino, &h);
- if (err) {
- ret = translate_error(fs, ino, err);
+ ret = __getxattr(ff, ino, key, &ptr, &plen);
+ if (ret)
 goto out;
- }
-
- err = ext2fs_xattrs_read(h);
- if (err) {
- ret = translate_error(fs, ino, err);
- goto out2;
- }
-
- err = ext2fs_xattr_get(h, key, &ptr, &plen);
- if (err) {
- ret = translate_error(fs, ino, err);
- goto out2;
- }
 if (!len) {
 ret = plen;
@@ -2611,10 +2693,6 @@ static int op_getxattr(const char *path, const char *key, char *value,
 }
 ext2fs_free_mem(&ptr);
-out2:
- err = ext2fs_xattrs_close(&h);
- if (err && !ret)
- ret = translate_error(fs, ino, err);
 out:
 pthread_mutex_unlock(&ff->bfl);
@@ -3153,6 +3231,10 @@ static int op_create(const char *path, mode_t mode, struct fuse_file_info *fp)
 ext2fs_inode_alloc_stats2(fs, child, 1, 0);
+ ret = propagate_default_acls(ff, parent, child);
+ if (ret)
+ goto out2;
+
 ret = __op_open(ff, path, fp);
 if (ret)
 goto out2;
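Review bot: `propagate_default_acls` stores the parent's default ACL on the child only under `XATTR_NAME_POSIX_ACL_DEFAULT`, and does so for every kind of child, so the inheritance looks incomplete as an access-control mechanism. Under POSIX ACL semantics the parent's default ACL becomes the new object's access ACL (combined with the requested mode), and only a new directory additionally keeps it as its own default ACL. As far as this hunk shows, a file from `op_create` or a node from `op_mknod` therefore receives a default ACL it cannot use and no access ACL, leaving its permissions to the mode bits alone. Consider passing the child's `mode` into the helper, guarding the existing call with `if (S_ISDIR(mode))`, and writing the access ACL for all children. The call sites added in the `op_mknod`, `op_mkdir` and `op_create` hunks are affected in the same way.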
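Review bot: When `propagate_default_acls` fails in `op_mknod`, `goto out2` only releases `ff->bfl` and returns the error, although the inode has already been accounted for by `ext2fs_inode_alloc_stats2` on the line above. If the earlier part of the function (outside this hunk) has also linked the name into the parent, the caller sees a failed mknod while a node remains that lacks the ACL the directory was meant to impose. Either unwind the link and allocation on this path, or state the choice with a comment such as `/* ACL propagation failed: child stays linked without the inherited ACL */`. The `op_mkdir` and `op_create` hunks have the same shape. The `if (ret) goto out2;` placed directly before `out2:` is also redundant here, since control falls through to the label with `ret` intact.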
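Review bot: After this refactor `op_getxattr` reads `ptr` once `__getxattr` has already closed the xattr handle, so it depends on `ext2fs_xattr_get` returning a buffer that does not belong to the handle; the `ext2fs_free_mem(&ptr)` kept further down suggests that it does. That ownership rule is not written down anywhere in the patch. A comment on `__getxattr` such as `/* On success *value is a caller-owned copy; release it with ext2fs_free_mem(). */` would keep later callers from leaking the buffer or assuming it is freed on close. `op_getxattr` starts and ends outside this hunk.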